Описание
REDAXO CMS Cross-site Scripting vulnerability
A stored cross-site scripting (XSS) vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the password parameter.
Пакеты
Наименование
redaxo/source
composer
Затронутые версииВерсия исправления
<= 5.17.1
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
около 1 года назад
A stored cross-site scripting (XSS) vulnerability in the component /media/test.html of REDAXO CMS v5.17.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the password parameter.